February 2021 - TuxCare

How to migrate your KernelCare license to a new server

How to migrate your KernelCare license to a new server

 

 

KernelCare is a solution to the problem of applying patches in a timely manner and keeping your system running without disruption, but sometimes you have to replace a server or migrate the service to another system. This short guide will show you how to move your KernelCare license to the new server.

Continue reading “How to migrate your KernelCare license to a new server”

Identify, mitigate & prevent buffer overflow attacks on your systems

How to identify, mitigate and prevent buffer overflow attacks on your systemsBuffer overflow vulnerabilities remain a common way in which cyber criminals gain illegal entry into computer systems. According to the National Vulnerability Database, there has been a steady increase in reported buffer overflow vulnerabilities over the decades – with 842 reported just last year.

Continue reading “Identify, mitigate & prevent buffer overflow attacks on your systems”

Understanding the new AF_VSOCK Linux kernel vulnerability

Understanding the new AF_VSOCK Linux kernel vulnerabilityThe discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it appears as if, whenever a security researcher goes looking, the researcher discovers a new, serious vulnerability in the Linux kernel – and that it happens just too often for comfort.

This February, a new vulnerability was reported in a relatively obscure corner of the Linux kernel – in a function that facilitates communications between virtual machine host and guest. Though just discovered, it is already listed as CVE-2021-26708.

In this article we outline the vulnerability, explain how it emerged, and point to the potential risks the new vulnerability holds.

Continue reading “Understanding the new AF_VSOCK Linux kernel vulnerability”

Patches for CVE-2021-26708 are being delivered

patches for CVE-2021-26708 are being delivered

 

A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021).

This vulnerability is an improperly handled race condition in the AF_VSOCK implementation, a kernel facility available to unprivileged users that is shipped as a kernel module in all major distributions.
Continue reading “Patches for CVE-2021-26708 are being delivered”

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Linux vulnerabilities pile up. Year in, year out. You could say it’s inevitable really, given today’s complex computing environment. It is nonetheless frustrating when the same critical elements of the Linux OS kernel continue to surface as a vulnerable area.

Up to and including 2020, there are fourteen listed CVEs that cover the Linux futex implementation. Granted, futexes are formidably complex. Though futexes provide essential functionality, futexes are often not clearly understood, and some might argue that vulnerabilities are inevitable given the complexity of futex implementation.

Unfortunately, at the end of January 2021, another Linux kernel vulnerability that involves futex mishandling emerged. Worse, it involves a dangerous use-after-free vulnerability.

Continue reading “Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)”

Monthly KernelCare Update – January 2021

Monthly KernelCare Update - January 2021

It’s hard to believe the first month of 2021 has come and gone. In this issue of KernelCare monthly blog, you’ll find useful information that will keep your start to 2021 going smoothly. As always, we’ve included a video recap of our January highlights. But, for a deep dive into current topics, read on! Continue reading “Monthly KernelCare Update – January 2021”

Patch Raspberry Pi systems without a reboot for free with KernelCare

Cover-1 (1)-minYour Raspberry Pi might be a hobby or a critical part of your home network, but regardless of its purpose it can be a target for hackers. You may be familiar with common security for Raspberry Pi such as requiring a password to use sudo, changing the default sudo password, changing your default username, and the use of key-based authentication for SSH. These strategies improve your security, but the most critical part of Raspberry Pi protection is keeping it up to date with the latest security patches. KernelCare will help you live patch your Raspberry Pi device automatically for free.

Continue reading “Patch Raspberry Pi systems without a reboot for free with KernelCare”

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching